✉️ CyberWeekly 20' July | Issue #6
⁉️ CrowdStrike outage, healthcare ransomware, HIPAA, Oracle bulk patch updates, Snort IPS, Active Directory pentesting, CVE-2024-27956 - SQLi, CVE-2024-40626 - XSS (Stored), RAG manipulation attacks, etc.
🔗 https://hacklido.substack.com/p/cyberweekly-20-july-issue-6
💠 How Much Ransome Are Cybercriminals Asking For?
🔗 https://hacklido.com/blog/881-how-much-ransome-are-cybercriminals-asking-for
We’re focused on… How much money threat actors are asking for when they execute ransomware attacks. Ransom sums can vary wildly At time of writing, the...
💠 Getting started with SOC: Setting an Elastic Home SIEM lab
🔗 https://hacklido.com/blog/891-getting-started-with-soc-setting-an-elastic-home-siem-lab
If you want to pursue your career as an SOC analyst, you can get hand-off experience for free by setting up your own SIEM labs. Here’s how I did it. What is...
💠 The Unpatchable Exploit: How Checkra1n bypasses iCloud Activation Locks
🔗 https://hacklido.com/blog/899-the-unpatchable-exploit-how-checkra1n-bypasses-icloud-activation-locks
The Checkra1n jailbreak has revolutionised the landscape of iOS jailbreaking and security research. Leveraging the powerful checkm8 bootrom exploit, Checkr...
💠 How To Talk About Cybersecurity To People Who Don't [YET] Care
🔗 https://hacklido.com/blog/898-how-to-talk-about-cybersecurity-to-people-who-dont-yet-care
We’re focused on… How to talk to people who don’t care about cybersecurity. Why? Because we’re rolling out a new series of blog posts on the BHMEA cont...
💠 Machine Learning In Cybersecurity
🔗 https://hacklido.com/blog/888-machine-learning-in-cybersecurity
The emerging field of machine learning (ML) is driving transformations across industries. But while we’re still in these relatively early stages of the int...
💠 Strengths and weaknesses of the new UN cybercrime convention
🔗 https://hacklido.com/blog/902-strengths-and-weaknesses-of-the-new-un-cybercrime-convention
On 8 August 2024, the draft text of the UN Convention Against Cybercrime was finalised. This has real implications for cybersecurity standards and resilien...
💠 A basic overview of Hypervisor Implants
🔗 https://hacklido.com/blog/907-a-basic-overview-of-hypervisor-implants
Hypervisors are pieces of software used to manage VMs (Virtual Machines) or Guest machines on a Host machine. The main difference between a hypervisor an...
💠 The UN convention on cybercrime: What does it mean for you?
🔗 https://hacklido.com/blog/904-the-un-convention-on-cybercrime-what-does-it-mean-for-you
We’re focused on… The new UN convention on cybercrime. Why? Because the draft text of the UN Convention Against Cybercrime was finalised on 8 August 20...
💠 How do we measure the success of the UN cybercrime convention?
🔗 https://hacklido.com/blog/903-how-do-we-measure-the-success-of-the-un-cybercrime-convention
When we asked Betania Allo (Founder and Principal Consultant, BA Cyber Law & Policy) to share her perspective on the new UN Convention Against Cybercr...
💠 Why Cybersecurity Proffessionals Should Study Psychology
🔗 https://hacklido.com/blog/897-why-cybersecurity-proffessionals-should-study-psychology
We’re focused on… Being OK with making mistakes and not having all the answers. Why? Because we interviewed BHMEA Advisory Board member Jason Lau (CIS...
💠 The Way I Used to Find RCE (Remote Code Execution) via File Upload
🔗 https://hacklido.com/blog/914-the-way-i-used-to-find-rce-remote-code-execution-via-file-upload
Hello, Hacklido community! This is my first article, and I’m excited to share one of my most significant vulnerability discoveries: Remote Code Execution (RC...
💠 Why cyber poverty is a serious problem in 2024
🔗 https://hacklido.com/blog/916-why-cyber-poverty-is-a-serious-problem-in-2024
In 2023, upcoming Black Hat MEA speaker Ramy Houssaini (Chief Cyber & Technology Risk Officer, & Group Privacy Officer, at BNP Paribas) was one of...
💠 What can we learn from the Crowdstrike IT outage?
🔗 https://hacklido.com/blog/909-what-can-we-learn-from-the-crowdstrike-it-outage
The Crowdstrike global IT outage caused widespread disruption, with critical industries put at risk as some of their services stalled. Now, we’re seeing la...
💠 A Zero Day that went undiscovered for 18 years
🔗 https://hacklido.com/blog/917-a-zero-day-that-went-undiscovered-for-18-years
Eighteen years is a long time by anyone’s standards – and it’s certainly a long time for a vulnerability to go undetected and unpatched. But in early Apr...
✉️ CyberWeekly 28' Sept | Issue #7
⁉️ CUPS, vulnerabilities, remote code execution, patches, NIST, authentication guidelines, cyberattacks, transportation, logistics, malware, water treatment, cybersecurity, EPA, ATG systems.
🔗 https://hacklido.substack.com/p/cyberweekly-28-sept-issue-7
💠 Insights from a CISO: What I look for when hiring new talent
🔗 https://hacklido.com/blog/908-insights-from-a-ciso-what-i-look-for-when-hiring-new-talent
Hiring cybersecurity talent is one of the major challenges faced by CISOs across the industry. Reaching the right people, developing an attractive job prop...
💠 Crypto security: Embracing transparency in leadership
🔗 https://hacklido.com/blog/918-crypto-security-embracing-transparency-in-leadership
With a background in counterintelligence for the US Army and experience of building and leading incident response and security engineering teams, Philip Ma...